From e31e28710972ec37e8fce0de678d05980df02582 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Mon, 9 Jan 2023 12:41:58 +0000 Subject: [PATCH 1/6] Pass MBEDTLS_CONFIG_FILE defines through cmake When -DMBEDTLS_CONFIG_FILE or -DMBEDTLS_USER_CONFIG_FILE are passed to cmake, pass them through as compile definitions. This allows different mbedtls configs to be passed at configure time without modifying any cmake files. Signed-off-by: David Horstmann --- library/CMakeLists.txt | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 553569ebdb..f38cfe00be 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -10,6 +10,14 @@ if(NOT DEFINED MBEDTLS_DIR) set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR}) endif() +# If set, make MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE into PATHs +if(DEFINED MBEDTLS_CONFIG_FILE) + set(MBEDTLS_CONFIG_FILE "" CACHE PATH "Mbed TLS config file (overrides default).") +endif() +if(DEFINED MBEDTLS_USER_CONFIG_FILE) + set(MBEDTLS_USER_CONFIG_FILE "" CACHE PATH "Mbed TLS user config file (appended to default).") +endif() + set(src_crypto aes.c aesni.c @@ -229,6 +237,15 @@ foreach(target IN LISTS target_libraries) PRIVATE ${thirdparty_inc}) target_compile_definitions(${target} PRIVATE ${thirdparty_def}) + # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE + if(DEFINED MBEDTLS_CONFIG_FILE) + target_compile_definitions(${target} + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + endif() + if(DEFINED MBEDTLS_USER_CONFIG_FILE) + target_compile_definitions(${target} + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + endif() install(TARGETS ${target} DESTINATION ${LIB_INSTALL_DIR} PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) From 1a30cf70ccf0047152de9d388f9c3d33001521d2 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Thu, 12 Jan 2023 13:59:34 +0000 Subject: [PATCH 2/6] Pass config file options to mbedtls_test(_helpers) Signed-off-by: David Horstmann --- CMakeLists.txt | 22 ++++++++++++++++++++++ library/CMakeLists.txt | 8 -------- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 1d390aa543..0743295fa3 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -135,6 +135,14 @@ if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR) FORCE) endif() +# If set, make MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE into PATHs +if(DEFINED MBEDTLS_CONFIG_FILE) + set(MBEDTLS_CONFIG_FILE "" CACHE PATH "Mbed TLS config file (overrides default).") +endif() +if(DEFINED MBEDTLS_USER_CONFIG_FILE) + set(MBEDTLS_USER_CONFIG_FILE "" CACHE PATH "Mbed TLS user config file (appended to default).") +endif() + # Create a symbolic link from ${base_name} in the binary directory # to the corresponding path in the source directory. # Note: Copies the file(s) on Windows. @@ -304,6 +312,20 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/3rdparty/everest/include) + + # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE + if(DEFINED MBEDTLS_CONFIG_FILE) + target_compile_definitions(mbedtls_test + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + target_compile_definitions(mbedtls_test_helpers + PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") + endif() + if(DEFINED MBEDTLS_USER_CONFIG_FILE) + target_compile_definitions(mbedtls_test + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + target_compile_definitions(mbedtls_test_helpers + PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") + endif() endif() if(ENABLE_PROGRAMS) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index f38cfe00be..61532ff796 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -10,14 +10,6 @@ if(NOT DEFINED MBEDTLS_DIR) set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR}) endif() -# If set, make MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE into PATHs -if(DEFINED MBEDTLS_CONFIG_FILE) - set(MBEDTLS_CONFIG_FILE "" CACHE PATH "Mbed TLS config file (overrides default).") -endif() -if(DEFINED MBEDTLS_USER_CONFIG_FILE) - set(MBEDTLS_USER_CONFIG_FILE "" CACHE PATH "Mbed TLS user config file (appended to default).") -endif() - set(src_crypto aes.c aesni.c From 175afbdfe8302817578c12676be18b05d5e21628 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Thu, 12 Jan 2023 14:17:01 +0000 Subject: [PATCH 3/6] all.sh component to test cmake custom config file Signed-off-by: David Horstmann --- tests/scripts/all.sh | 63 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 75e5e6ba59..c2005c4d8b 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3412,6 +3412,69 @@ support_test_cmake_as_subdirectory () { support_test_cmake_out_of_source } +component_build_cmake_custom_config_file () { + # Make a copy of mbedtls_config.h to use for the in-tree test + cp include/mbedtls/mbedtls_config.h include/mbedtls_config_in_tree_copy.h + + MBEDTLS_ROOT_DIR="$PWD" + mkdir "$OUT_OF_SOURCE_DIR" + cd "$OUT_OF_SOURCE_DIR" + + # Build once to get the generated files (which need an intact mbedtls_config.h) + cmake "$MBEDTLS_ROOT_DIR" + make + + msg "build: cmake with -DMBEDTLS_CONFIG_FILE" + scripts/config.py -w full_config.h full + echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/include/mbedtls/mbedtls_config.h" + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h "$MBEDTLS_ROOT_DIR" + make + + msg "build: cmake with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE" + # In the user config, disable one feature (for simplicity, pick a feature + # that nothing else depends on). + echo '#undef MBEDTLS_NIST_KW_C' >user_config.h + + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h "$MBEDTLS_ROOT_DIR" + make + not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C + + rm -f user_config.h full_config.h + + cd "$MBEDTLS_ROOT_DIR" + rm -rf "$OUT_OF_SOURCE_DIR" + + # Now repeat the test for an in-tree build: + + # Restore mbedtls_config.h for the in-tree test + mv include/mbedtls_config_in_tree_copy.h include/mbedtls/mbedtls_config.h + + # Build once to get the generated files (which need an intact mbedtls_config.h) + cmake . + make + + msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE" + scripts/config.py -w full_config.h full + echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/include/mbedtls/mbedtls_config.h" + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h . + make + + msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE" + # In the user config, disable one feature (for simplicity, pick a feature + # that nothing else depends on). + echo '#undef MBEDTLS_NIST_KW_C' >user_config.h + + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h . + make + not programs/test/query_compile_time_config MBEDTLS_NIST_KW_C + + rm -f user_config.h full_config.h +} +support_build_cmake_custom_config_file () { + support_test_cmake_out_of_source +} + + component_test_zeroize () { # Test that the function mbedtls_platform_zeroize() is not optimized away by # different combinations of compilers and optimization flags by using an From 6762231e4b61349afdad1ef7253299f8b4f92511 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 31 Jan 2023 10:34:44 +0000 Subject: [PATCH 4/6] Use CONFIG_H variable rather than config file name Signed-off-by: David Horstmann --- tests/scripts/all.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c2005c4d8b..9eb5c39311 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3413,20 +3413,20 @@ support_test_cmake_as_subdirectory () { } component_build_cmake_custom_config_file () { - # Make a copy of mbedtls_config.h to use for the in-tree test - cp include/mbedtls/mbedtls_config.h include/mbedtls_config_in_tree_copy.h + # Make a copy of config file to use for the in-tree test + cp "$CONFIG_H" include/mbedtls_config_in_tree_copy.h MBEDTLS_ROOT_DIR="$PWD" mkdir "$OUT_OF_SOURCE_DIR" cd "$OUT_OF_SOURCE_DIR" - # Build once to get the generated files (which need an intact mbedtls_config.h) + # Build once to get the generated files (which need an intact config file) cmake "$MBEDTLS_ROOT_DIR" make msg "build: cmake with -DMBEDTLS_CONFIG_FILE" scripts/config.py -w full_config.h full - echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/include/mbedtls/mbedtls_config.h" + echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H" cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h "$MBEDTLS_ROOT_DIR" make @@ -3446,16 +3446,16 @@ component_build_cmake_custom_config_file () { # Now repeat the test for an in-tree build: - # Restore mbedtls_config.h for the in-tree test - mv include/mbedtls_config_in_tree_copy.h include/mbedtls/mbedtls_config.h + # Restore config for the in-tree test + mv include/mbedtls_config_in_tree_copy.h "$CONFIG_H" - # Build once to get the generated files (which need an intact mbedtls_config.h) + # Build once to get the generated files (which need an intact config) cmake . make msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE" scripts/config.py -w full_config.h full - echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/include/mbedtls/mbedtls_config.h" + echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H" cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h . make From 58dda6713ce49d483628b7d59ca36077f288802c Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Wed, 15 Feb 2023 14:44:25 +0000 Subject: [PATCH 5/6] Use emptiness-checks rather than DEFINED checks For the MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE variables, check that they are non-empty and defined. This means they can be unconditionally created in the cache, simplifying the CMakeLists.txt Signed-off-by: David Horstmann --- CMakeLists.txt | 14 +++++--------- library/CMakeLists.txt | 4 ++-- 2 files changed, 7 insertions(+), 11 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 0743295fa3..30cef2fea0 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -135,13 +135,9 @@ if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR) FORCE) endif() -# If set, make MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE into PATHs -if(DEFINED MBEDTLS_CONFIG_FILE) - set(MBEDTLS_CONFIG_FILE "" CACHE PATH "Mbed TLS config file (overrides default).") -endif() -if(DEFINED MBEDTLS_USER_CONFIG_FILE) - set(MBEDTLS_USER_CONFIG_FILE "" CACHE PATH "Mbed TLS user config file (appended to default).") -endif() +# Make MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE into PATHs +set(MBEDTLS_CONFIG_FILE "" CACHE FILEPATH "Mbed TLS config file (overrides default).") +set(MBEDTLS_USER_CONFIG_FILE "" CACHE FILEPATH "Mbed TLS user config file (appended to default).") # Create a symbolic link from ${base_name} in the binary directory # to the corresponding path in the source directory. @@ -314,13 +310,13 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/3rdparty/everest/include) # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE - if(DEFINED MBEDTLS_CONFIG_FILE) + if(MBEDTLS_CONFIG_FILE) target_compile_definitions(mbedtls_test PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") target_compile_definitions(mbedtls_test_helpers PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") endif() - if(DEFINED MBEDTLS_USER_CONFIG_FILE) + if(MBEDTLS_USER_CONFIG_FILE) target_compile_definitions(mbedtls_test PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") target_compile_definitions(mbedtls_test_helpers diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 61532ff796..a15925198d 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -230,11 +230,11 @@ foreach(target IN LISTS target_libraries) target_compile_definitions(${target} PRIVATE ${thirdparty_def}) # Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE - if(DEFINED MBEDTLS_CONFIG_FILE) + if(MBEDTLS_CONFIG_FILE) target_compile_definitions(${target} PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}") endif() - if(DEFINED MBEDTLS_USER_CONFIG_FILE) + if(MBEDTLS_USER_CONFIG_FILE) target_compile_definitions(${target} PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}") endif() From 63b06a8889cd5fcead036becbfead50aed64775a Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Fri, 7 Jul 2023 11:22:58 +0100 Subject: [PATCH 6/6] Add ChangeLog entry for CMake config defines Signed-off-by: David Horstmann --- ChangeLog.d/cmake-pass-through-config-defines.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/cmake-pass-through-config-defines.txt diff --git a/ChangeLog.d/cmake-pass-through-config-defines.txt b/ChangeLog.d/cmake-pass-through-config-defines.txt new file mode 100644 index 0000000000..6122f37d2d --- /dev/null +++ b/ChangeLog.d/cmake-pass-through-config-defines.txt @@ -0,0 +1,3 @@ +Features + * Allow MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE to be set by + setting the CMake variable of the same name at configuration time.